Ah,
I'm glad I use a mac. Every time I read the vitriol of MS users, items like this restore my faith in my decision making processes
A new banking Trojan with infection rates similar to SpyEye and Zeus in some regions has emerged. The Sunspot Trojan has already been linked to instances of fraudulent losses, according to transaction security firm Trusteer. The Windows-based malware is designed to carry out man-in-the-browser attacks, including web injections …
On x86 hardware, Tails is The Anonymous Internet Live System , a 700meg debian distro CD that runs iceweasel over Vidalia/Tor, and leaves minimal footprint on the host hardware. (It runs on a mac, but the Wifi wasn't functional on my iMac-ethernet ok) Now of course the problem is that the crims are starting to host Tor exit servers looking for financial traffic..... Come on three(4inuk) letter agencies, we need more Tor servers!
But yes, windows and banking should be kept f a r A P A R T
With Mac sales skyrocketing it's starting to like a platform that the scumbags will happily invest some time and effort into finding the weaknesses, so I would get too comfortable with that smug attitude.
I own 4 Macs but I don't trust any O/S maker to build the perfect system without making mistakes, whether that be Windows, Linux or Mac. There's no substitute for good honest paranoia when connecting to "da toobs"!
The problem with most Mac users is that they believe instead of check. I will not claim my Mac is "impossible to highjack" - although I don't install what I don't know (and run my main account without admin rights - NOT an OSX default), I still prefer proof over religion, so I run Kaspersky every so often.
I would in any case not get too glib. an MITM attack can be executed outside your precious Mac by a highjacked site. That can be achieved by DNS pollution, and Safari is IMHO pretty crap at showing the contents of site certificates. At that point it's game over - for OSX and Linux too.
So please don't get too comfortable just yet. So far, I have seen only halfway solutions - stay alert..
7 comments in and the usual Mac / MS / Linux bitching. But no comments about the source of the article.
T r u s t e e r
One of the companies promoting its solution to , oh, let's see, man-in-the-browser attacks such as this. "Only 20% of products pick it up, and ours just happens to be one of them"
Never believe the hype from any vendor. Just be totally paranoid in the first place. And don't be especially smug that your non-Windows machine is "safe". It's just "safe" until someone hacks it. EVERYTHING is vulnerable.